Friday, 5 September 2014

What is Greylisting

Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate the originating server will, after a delay, try again and, if sufficient time has elapsed, the email will be accepted.

Example 1: alice@sytes.net sends a message to betty@no-ip.com. Betty is using greylisting. So, on the first attempt to deliver Alice’s message Betty’s mail server denies the message and makes a note of the attempt in a database. Alice is sending through a normal email server which tries again after about four minutes. When Betty’s mail server sees this second attempt it checks the database and finds the previous note. Betty’s mail server marks the note as validated and accepts the message. Betty receives the message with only a four minute delay. Read on to see what happens when a spammer tries to send to Betty!

Example 2: Alice’s computer becomes infected with a virus and finds Betty’s address in her Outlook address book. The virus reports the address to a big spam gang. Surely Betty’s inbox will be overflowing with junk soon! The spammers add Betty to their list and begin the onslaught. The first attempt is made and Betty’s mail server temporarily rejects the message just like before. But wait, spammers aren’t normal mail servers! They are not going to waste time and resources to try to send Betty the message twice, so Betty is unaffected by the failed spam attempt and her inbox remains spam-free. At worst, the spammer tries again and the message gets through. But Betty just cost that spammer more in time and resources.